package cn.com.shaom.learning.sb.security.example3;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.util.Collection;

/**
 * ClassName: RefreshAuthenticationTools
 * Description: 权限刷新工具类
 * spring security 默认实现是用户登录后获取权限信息并存起来就不变了，后台修改用户权限后需要用户重新登录才能使用新权限。
 * Date: 2018/1/26 16:29 【需求编号】
 *
 * @author Sam Sho
 * @version V1.0.0
 */
@Component
public class RefreshAuthenticationTools {

    @Resource
//    CustomDetailsServiceImpl customDetailsService;

    public void refresh() {


        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication.isAuthenticated()) {
            String name = authentication.getName();
            Object principal = authentication.getPrincipal();
            Object credentials = authentication.getCredentials();
//            UserPrincipal userPrincipal = (UserPrincipal) customDetailsService.loadUserByUsername(name);


            Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();


            // 在当前访问线程的ThreadLocal中设置 authResult
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }


    }
}